SecWiki周刊(第247期)
2018/11/19-2018/11/25
安全资讯
中美经济与安全审查委员会研究报告之中国物联网
https://nosec.org/home/detail/1974.html
https://nosec.org/home/detail/1974.html
第一批 AI 已经开始诈骗
https://mp.weixin.qq.com/s/1-Jugo6njEudoFlZWditHg
https://mp.weixin.qq.com/s/1-Jugo6njEudoFlZWditHg
美国邮政泄露6000万用户数据
https://nosec.org/home/detail/1978.html
https://nosec.org/home/detail/1978.html
Instagram疑似泄露部分用户密码
https://nosec.org/home/detail/1970.html
https://nosec.org/home/detail/1970.html
安全技术
PHP免杀大马的奇淫技巧
https://www.chabug.org/web/601.html
https://www.chabug.org/web/601.html
HCTF 2018 admin 题的另一个解法
https://tmr.js.org/p/3a03e44b/#admin
https://tmr.js.org/p/3a03e44b/#admin
物联网安全百科
https://iot-security.wiki/
https://iot-security.wiki/
情报分析与研判之图片信息挖掘(1)
https://www.anquanke.com/post/id/164831
https://www.anquanke.com/post/id/164831
手把手教你破解CobaltStrike3.12
https://mp.weixin.qq.com/s/SuVrMNhGiTfdOTY1CmGRbw
https://mp.weixin.qq.com/s/SuVrMNhGiTfdOTY1CmGRbw
剑影系列之8——硬件下的WiFi安全测试
https://mp.weixin.qq.com/s/zNdEjrP12ZUhEfUb5HwVRg
https://mp.weixin.qq.com/s/zNdEjrP12ZUhEfUb5HwVRg
路由器漏洞频发,mirai 新变种来袭
https://mp.weixin.qq.com/s/jy8Ay4D2gQMHOYlDLwoovQ
https://mp.weixin.qq.com/s/jy8Ay4D2gQMHOYlDLwoovQ
Java代码审计手书(一)
https://xz.aliyun.com/t/3358
https://xz.aliyun.com/t/3358
史上最完整的MySQL注入
https://bbs.ichunqiu.com/thread-44483-1-1.html
https://bbs.ichunqiu.com/thread-44483-1-1.html
Linux PWN从入门到熟练
https://www.anquanke.com/post/id/164530
https://www.anquanke.com/post/id/164530
美国国家安全局(NSA)窃听站
https://mp.weixin.qq.com/s/hodhNQ4bXuxOD6FadpWsWw
https://mp.weixin.qq.com/s/hodhNQ4bXuxOD6FadpWsWw
LCTF 2018 Writeup -- Vidar
https://xz.aliyun.com/t/3355
https://xz.aliyun.com/t/3355
臭名昭著的黑客tessa88的真实身份揭晓
https://nosec.org/home/detail/1977.html
https://nosec.org/home/detail/1977.html
第一届爱奇艺安全沙龙 议题PPT
https://github.com/71src/iqiyi_security_conference_2018
https://github.com/71src/iqiyi_security_conference_2018
高校运维赛 2018 Writeup
https://xz.aliyun.com/t/3329
https://xz.aliyun.com/t/3329
ViperMonkey: VBA maldoc deobfuscation
https://holisticinfosec.io/post/vipermonkey-vba-maldoc-deobfuscation/
https://holisticinfosec.io/post/vipermonkey-vba-maldoc-deobfuscation/
Phishing Attacks on Modern Android
https://securitygossip.com/blog/2018/11/20/phishing-attacks-on-modern-android/
https://securitygossip.com/blog/2018/11/20/phishing-attacks-on-modern-android/
美国情报体系(I.C.)资本培育下的产业发展分析
https://mp.weixin.qq.com/s/UylCCRny2wpyuXni4NL-VA
https://mp.weixin.qq.com/s/UylCCRny2wpyuXni4NL-VA
Windows版本QQ锁定可被绕过
https://mp.weixin.qq.com/s/2hnjrYvq4j0n-NYnDIaPMw
https://mp.weixin.qq.com/s/2hnjrYvq4j0n-NYnDIaPMw
FineCMS 5.0.10 多个 漏洞详细分析过程
https://bbs.ichunqiu.com/thread-48021-1-1.html
https://bbs.ichunqiu.com/thread-48021-1-1.html
图网络—悄然兴起的深度学习新浪潮
https://mp.weixin.qq.com/s/b89VhAluegTpQmSADTggDw
https://mp.weixin.qq.com/s/b89VhAluegTpQmSADTggDw
SecWiki周刊(第246期)
https://www.sec-wiki.com/weekly/246
https://www.sec-wiki.com/weekly/246
关于sqlmap的两个小坑
https://bbs.ichunqiu.com/thread-48025-1-1.html
https://bbs.ichunqiu.com/thread-48025-1-1.html
Fuzzing PHP for Fun and Profit
https://www.tripwire.com/state-of-security/vert/fuzzing-php-for-fun-and-profit/
https://www.tripwire.com/state-of-security/vert/fuzzing-php-for-fun-and-profit/
Security Analysis of smartContract
https://securitygossip.com/blog/2018/11/19/security-analysis-of-smartcontract/
https://securitygossip.com/blog/2018/11/19/security-analysis-of-smartcontract/
遭受刷验证码攻击后的企安建设规划感想
https://bbs.ichunqiu.com/thread-47778-1-1.html
https://bbs.ichunqiu.com/thread-47778-1-1.html
S&P 2019 议题解读(一)
https://mp.weixin.qq.com/s/Rvln157TrVAsdHIZ4zIZVg
https://mp.weixin.qq.com/s/Rvln157TrVAsdHIZ4zIZVg
DropBox的安全测试是如何揭露3个苹果0day漏洞的
https://nosec.org/home/detail/1979.html
https://nosec.org/home/detail/1979.html
如何创建不可被检测的payload
https://nosec.org/home/detail/1975.html
https://nosec.org/home/detail/1975.html
智能合约逆向心法34C3_CTF题分析(案例篇·一)
https://www.freebuf.com/articles/blockchain-articles/190109.html
https://www.freebuf.com/articles/blockchain-articles/190109.html
-----微信ID:SecWiki-----
SecWiki,12年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com本期原文地址: SecWiki周刊(第247期)
